thompson.bet Open in urlscan Pro
2606:4700:3034::ac43:835f  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response thompson.bet/	87 KB 17 KB	500ms 414ms	Document text/html	2606:4700:3034::ac43:835f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thompson.bet/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:835f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 587b74a5e0cad5e27f0ee1cf37d8958d57299492430b9986d5b824735ee72e4e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 854dd7f5bbae4bd2-BUF content-encoding br content-type text/html; charset=UTF-8 date Tue, 13 Feb 2024 14:43:26 GMT link <https://thompson.bet/index.php?rest_route=/>; rel="https://api.w.org/" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxMjZRT3XrZrEpjVmznNJzCQSMfTxGdGn0lxDg9%2B%2BEhA8lFcdall2Pydj6%2B4KnbPAhoVQkRMBH1cQSk%2FZKZaUTmAzjxn3pU0%2B%2BZ6Tifadqtvg7FEK4OwpWSbe%2BZQa7vd80B%2BN9G7B8a2qaw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	style.min.css thompson.bet/wp-includes/blocks/navigation/	16 KB 3 KB	367ms 364ms	Stylesheet text/css	2606:4700:3034::ac43:835f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thompson.bet/wp-includes/blocks/navigation/style.min.css?ver=6.4.3 Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:835f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233 Request headers accept-language en-US,en;q=0.9 Referer https://thompson.bet/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:26 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 Nov 2023 17:26:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4096-60b4dd653dc6e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baa%2ByERU62lcX8Rfmd8N0A6OuJ%2FCInPM4TdZz%2FZD%2F6wRSknsJmPHnMOkpUu7GlOFAL%2FHqfZN6VYOlvCJzcb%2BDAkM7rTxWdaYBSPgBaJd8UnSGwcqZYHY23ozyTbRccXMWxSnCgm%2FhN2uRYs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 854dd7f86e6b4bd2-BUF alt-svc h3=":443"; ma=86400
GET H2	200	style.min.css thompson.bet/wp-includes/blocks/image/	7 KB 2 KB	370ms 368ms	Stylesheet text/css	2606:4700:3034::ac43:835f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thompson.bet/wp-includes/blocks/image/style.min.css?ver=6.4.3 Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:835f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811 Request headers accept-language en-US,en;q=0.9 Referer https://thompson.bet/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:26 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 Nov 2023 17:26:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1b43-60b4dd6536f0d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alE9dQq%2F2LDw4QuWB8oMKGIXwfEFqlMTmvcB%2F6IiRrqCo%2FAkjFHKOlb68U4GeEZPXl3f143QSGHJfPLVXt%2F9igtT8PAR9URIofDBjrTSLocVqDtbMwyNSdQjG3KUDetNeR9x1X%2BOmjRubHM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 854dd7f86e6c4bd2-BUF alt-svc h3=":443"; ma=86400
GET H3	200	interactivity.min.js Show response thompson.bet/wp-includes/js/dist/	32 KB 13 KB	370ms 369ms	Script text/javascript	2606:4700:3034::ac43:835f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thompson.bet/wp-includes/js/dist/interactivity.min.js?ver=6.4.3 Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:835f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34019d3364166a309440c0b3e94391105694660f5ed76dc836eed8e4aedc1fb5 Request headers accept-language en-US,en;q=0.9 Referer https://thompson.bet/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:26 GMT content-encoding br cf-cache-status HIT last-modified Wed, 31 Jan 2024 13:36:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"7e7a-6103df6b3923c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClTjyXJVPzbM2JQ8Z%2Fje2mIxlXYPMYcc1TP0mFM5cLE3J9w2r6dZIDc3UqcSpn3fBXk8%2BrQfoUA0k8zd19DUn0Lu7yc0rGoQtvDD8i7nEZI4OuZ6E2RNKkFIcwlBx%2BZ5U0LKo6C0CXq2t7g%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 854dd7fabd704bc1-BUF alt-svc h3=":443"; ma=86400
GET H3	200	view.min.js Show response thompson.bet/wp-includes/blocks/navigation/	4 KB 2 KB	388ms 386ms	Script text/javascript	2606:4700:3034::ac43:835f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thompson.bet/wp-includes/blocks/navigation/view.min.js?ver=e3d6f3216904b5b42831 Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:835f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966 Request headers accept-language en-US,en;q=0.9 Referer https://thompson.bet/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:26 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 Nov 2023 17:26:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"e02-60b4dd653dc6e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jK%2BjIjWOqQqTE5CvKlpqZDzz4hbb9BtJ6kduEL9ZtfI8zMG%2F6gFiSqBr2FfHzEEn5rl6RwQj5MFuRRHbJBuKRVikwbblYFjRvdfkN6NrcIlv3VeroZz6MTvGx6hiPYkfASVk9xIBTNqoSdY%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 854dd7fabd734bc1-BUF alt-svc h3=":443"; ma=86400
GET H2	200	building-exterior.webp thompson.bet/wp-content/themes/twentytwentyfour/assets/images/	195 KB 196 KB	139ms 138ms	Image image/webp	2606:4700:3034::ac43:835f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://thompson.bet/wp-content/themes/twentytwentyfour/assets/images/building-exterior.webp Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:835f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ab1e25df9f0e9825e577187a3c73ebda9c0a068d9b35d2a235b8e924b9c58e5 Request headers accept-language en-US,en;q=0.9 Referer https://thompson.bet/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:26 GMT cf-cache-status HIT last-modified Wed, 29 Nov 2023 17:26:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "30c2c-60b4dd654e60e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvHhNE6R%2F5u5dnBdUptyAEDFiUeob2rykuO0Fd3FNHAIGOCZsr8W9W%2B9mBVBDOhA20s2eHpKj%2Ft0RjFvi8yxXzBCYtlxaZ4%2B9T0yzJVIrX%2FaI9XmQSdyTB5bc4mC3QMGOxDtE2Skjlu%2FZKk%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 accept-ranges bytes cf-ray 854dd7f86e6d4bd2-BUF alt-svc h3=":443"; ma=86400 content-length 199724
GET H2	200	tourist-and-building.webp thompson.bet/wp-content/themes/twentytwentyfour/assets/images/	65 KB 65 KB	458ms 457ms	Image image/webp	2606:4700:3034::ac43:835f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://thompson.bet/wp-content/themes/twentytwentyfour/assets/images/tourist-and-building.webp Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:835f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fc42e518e17733d6c766ceec3a2154896e332571f130fae27e4f20480e0980c Request headers accept-language en-US,en;q=0.9 Referer https://thompson.bet/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:26 GMT cf-cache-status HIT last-modified Wed, 29 Nov 2023 17:26:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "103b2-60b4dd654f5af" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjB9iDVgiSI0vCxJ4CTORAjdjeU2Y4mCPZeHYSoHSyG48wIG12m0OkiGB%2BUOHBqW6zIfBj81GqICYC6LCaIqBl%2BnMWU9AD5CzrMsX31QuOxzm46viipQriD9WOmV1igmBJORBJQgB3316%2FU%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 accept-ranges bytes cf-ray 854dd7f86e6e4bd2-BUF alt-svc h3=":443"; ma=86400 content-length 66482
GET H3	200	windows.webp thompson.bet/wp-content/themes/twentytwentyfour/assets/images/	123 KB 124 KB	157ms 156ms	Image image/webp	2606:4700:3034::ac43:835f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://thompson.bet/wp-content/themes/twentytwentyfour/assets/images/windows.webp Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:835f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8b72c3a34a4ac883406005c0fab343d64894c978b3dda1b6bb00eed01e9409e Request headers accept-language en-US,en;q=0.9 Referer https://thompson.bet/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:26 GMT cf-cache-status HIT last-modified Wed, 29 Nov 2023 17:26:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1ed24-60b4dd654e60e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZsffxZvcakjRMwJPcNnKUaSgOw3rQPvZnMv5fBCi2b7T23zLjGfYoipcP8I6k7N1H5degXIUfSY%2BABNnfNzy3y8wx71bOJ1OPwdD%2FNq%2Bi6ehGahcfzjIqawG0w5KJT4yF1pMOvL1rq0Onw%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 accept-ranges bytes cf-ray 854dd7f9ac4a4bc1-BUF alt-svc h3=":443"; ma=86400 content-length 126244
GET H2	200	j.php Show response dev.visualwebsiteoptimizer.com/	6 KB 3 KB	117ms 54ms	Script application/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/j.php?a=813410&u=https%3A%2F%2Fthompson.bet%2F&vn=2 Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gnv1 / Resource Hash 150319188e3635340f8b575542ee7afb78828bda3096dbd2e60b281cee0ce6d5 Request headers accept-language en-US,en;q=0.9 Referer https://thompson.bet/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:25 GMT content-encoding gzip via 1.1 google server gnv1 etag W/"1707138295_EA" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0, no-cache, must-revalidate timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET BLOB	200 OK	649c76b8-09bf-4776-b67b-aed4ec0fbc8e https://thompson.bet/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://thompson.bet/649c76b8-09bf-4776-b67b-aed4ec0fbc8e Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Content-Length 1245 Content-Type text/javascript
GET H2	200	v.gif dev.visualwebsiteoptimizer.com/eu01/	35 B 146 B	107ms 105ms	Image image/gif	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.visualwebsiteoptimizer.com/eu01/v.gif?cd=0&a=813410&d=thompson.bet&u=D725C2000C8356AA4649EEFF63570765D&h=83c26ff25ccea6607cea202c3c20e9b0&t=false Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gbel2c / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://thompson.bet/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:26 GMT via 1.1 google x-content-type-options nosniff server gbel2c content-type image/gif access-control-allow-origin * cache-control public, max-age=43200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35
GET H3	200	apmLib-929979f34f5f03e2526e580816f51aea.js Show response dev.visualwebsiteoptimizer.com/	4 KB 2 KB	78ms 46ms	Script text/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/apmLib-929979f34f5f03e2526e580816f51aea.js Requested by Host: dev.visualwebsiteoptimizer.com URL: https://dev.visualwebsiteoptimizer.com/j.php?a=813410&u=https%3A%2F%2Fthompson.bet%2F&vn=2 Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gnv1 / Resource Hash c12af73c7d806bf333980c5da006fc2f1c7f875baa6ffa128a8108d141186822 Request headers Referer https://thompson.bet/ Origin https://thompson.bet accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:25 GMT content-encoding br via 1.1 google last-modified Mon, 12 Feb 2024 17:19:29 GMT server gnv1 etag "65ca5321-658" vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1624
GET H2	200	matomo.js Show response cdn.matomo.cloud/gzwh.matomo.cloud/	200 KB 58 KB	549ms 472ms	Script application/javascript	2600:9000:2479:c00:c:7d55:b3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.matomo.cloud/gzwh.matomo.cloud/matomo.js Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2479:c00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 059a673590e137037434695ce3db6d22a320b97aaef717bbe8eb6f94e40a5896 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://thompson.bet/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:27 GMT x-amz-version-id TPZ8vBMd8jkaINelTi.sVTGB44YuR4rv content-encoding gzip strict-transport-security max-age=31536000 last-modified Fri, 08 Dec 2023 00:08:00 GMT server CloudFront via 1.1 91996b055df3611b680390c98760c3d4.cloudfront.net (CloudFront) x-amz-cf-pop IAD61-P3 etag W/"968cb95956a75c63bef636d6eac95b3a" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=691200 x-amz-replication-status COMPLETED x-amz-cf-id f6TW0Ts2HQg9stWpKTHyYcAkqKw6cQUtiXeKDmqyg3SsBI1nDBvwTg==
GET H3	200	Inter-VariableFont_slnt,wght.woff2 thompson.bet/wp-content/themes/twentytwentyfour/assets/fonts/inter/	319 KB 320 KB	132ms 131ms	Font font/woff2	2606:4700:3034::ac43:835f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thompson.bet/wp-content/themes/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt,wght.woff2 Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:835f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e931823ffd0b6cfd1624e3a7c1c49861ed3420297862e727f07e04c8be1cc89b Request headers Referer https://thompson.bet/ Origin https://thompson.bet accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:26 GMT cf-cache-status REVALIDATED last-modified Wed, 29 Nov 2023 17:26:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "4fbe4-60b4dd655054f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0IIYnMLOiWXulyNfZMzcuoZwZLJhGTQi%2FGk7in0Bar%2FhmZrURmsEupAlNhBnwg0MbIAgadDzoTj6GRNgcCVdwSZiUoHFPcfJ9mWz1qkXBgNQT2etRw7xB5VCwxlmfGWCXdDE%2BMo0J%2BCIGE%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 854dd7facd8a4bc1-BUF alt-svc h3=":443"; ma=86400 content-length 326628
GET H3	200	cardo_normal_400.woff2 thompson.bet/wp-content/themes/twentytwentyfour/assets/fonts/cardo/	143 KB 143 KB	192ms 192ms	Font font/woff2	2606:4700:3034::ac43:835f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thompson.bet/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2 Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:835f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa8042a77500cfe4a4893e2b7edbd54dded92768e40418fa0665bec8aae9ae18 Request headers Referer https://thompson.bet/ Origin https://thompson.bet accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:26 GMT cf-cache-status REVALIDATED last-modified Wed, 29 Nov 2023 17:26:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "23a8c-60b4dd655054f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmaiJ0YAZbqBhGq%2B3N1athVtY6uUuIZcw18IFWNCs1myl7Y15FxNyFsNje7nannu%2FkfpBEdgnv%2BV2hA7LPmE9N8bLYuc4sR3RdsKCkwWGKsGTp%2FrQ%2FdKZoQ3tjQsTYM3zjXuaouYpZHaWtA%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 854dd7facd944bc1-BUF alt-svc h3=":443"; ma=86400 content-length 146060
GET H3	200	cardo_italic_400.woff2 thompson.bet/wp-content/themes/twentytwentyfour/assets/fonts/cardo/	103 KB 103 KB	460ms 459ms	Font font/woff2	2606:4700:3034::ac43:835f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thompson.bet/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_italic_400.woff2 Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:835f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3b2ff62e3ac4219811de0c709bd0d81d962a88dc87a598ac19b20f58f960136 Request headers Referer https://thompson.bet/ Origin https://thompson.bet accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:26 GMT cf-cache-status REVALIDATED last-modified Wed, 29 Nov 2023 17:26:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "19ae0-60b4dd655054f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BI0r6HPwrkdaQar5EDZAW6Pp1ZVbGArbfwZt3D6V6py0%2FYiJucL4kCK0OMuPi0GOvFSiH7g%2FKo6r6VWCvFz1eWYYaRkzETvWLGrOyKD8ViCSglZzFZiBYB77ujzckdksyh%2BwENBeKYC467M%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 854dd7facd954bc1-BUF alt-svc h3=":443"; ma=86400 content-length 105184
GET H3	200	wp-emoji-release.min.js Show response thompson.bet/wp-includes/js/	18 KB 5 KB	373ms 373ms	Script text/javascript	2606:4700:3034::ac43:835f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thompson.bet/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3 Requested by Host: thompson.bet URL: https://thompson.bet/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:835f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language en-US,en;q=0.9 Referer https://thompson.bet/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:27 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 29 Nov 2023 17:26:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4904-60b4dd64f67ca" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uj%2BuOc2dUSbyIcrftpddHKy5ITGyN8DuRYkwPsNMSHdoU%2FbDCyFcBKefJFqIZLIrzK4u647ZVpxGmr7U8mymS5T6nkk2R6Z2JUBA7KLPXyx3DtreYZpond6lu2OdrZ6JRIdT2MxhJ7Ei0yg%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 854dd7fd280f4bc1-BUF alt-svc h3=":443"; ma=86400
POST H2	204	matomo.php gzwh.matomo.cloud/	0 166 B	477ms 234ms	Ping text/plain	3.126.133.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gzwh.matomo.cloud/matomo.php?action_name=Thompson%20%E2%80%94%20Best%20Marketing%20Agency%20%E2%80%94%20Looking%20for%20the%20best%20company%20for%20online%20marketing%3F%20Contact%20us%20and%20you%20will%20receive%20the%20maximum%20result%20in%20the%20shortest%20time.&idsite=3&rec=1&r=571789&h=4&m=43&s=27&url=https%3A%2F%2Fthompson.bet%2F&_id=02f55e1db826f0e6&_idn=1&send_image=0&_refts=0&pv_id=sWd3Nl&pf_net=87&pf_srv=414&pf_tfr=1&pf_dm1=414&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200 Requested by Host: cdn.matomo.cloud URL: https://cdn.matomo.cloud/gzwh.matomo.cloud/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-133-169.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://thompson.bet/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://thompson.bet date Tue, 13 Feb 2024 14:43:27 GMT access-control-allow-credentials true server Apache vary X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
GET H2	200	configs.php Show response gzwh.matomo.cloud/plugins/HeatmapSessionRecording/	194 B 342 B	496ms 263ms	Script application/javascript	3.126.133.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gzwh.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=3&trackerid=2lzg6j&url=https%3A%2F%2Fthompson.bet%2F Requested by Host: cdn.matomo.cloud URL: https://cdn.matomo.cloud/gzwh.matomo.cloud/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-133-169.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 5fc15af7aee1192e55107bdd67c87928be5f20f10ff1497209c002db3d267ffc Request headers accept-language en-US,en;q=0.9 Referer https://thompson.bet/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Tue, 13 Feb 2024 14:43:27 GMT content-encoding gzip server Apache content-length 171 vary X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent content-type application/javascript
POST H3	200	apm dev.visualwebsiteoptimizer.com/	0 33 B	40ms 39ms	Ping application/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/apm Requested by Host: dev.visualwebsiteoptimizer.com URL: https://dev.visualwebsiteoptimizer.com/apmLib-929979f34f5f03e2526e580816f51aea.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gnv1c / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://thompson.bet/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 13 Feb 2024 14:43:27 GMT content-encoding gzip via 1.1 google server gnv1c alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type application/javascript; charset=UTF-8

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| _vwo_clicks object| code object| _vwo_code number| _vwo_settings_timer object| _wpemojiSettings number| _vwo_j_e string| _vwo_mt string| _vwo_tm string| _vwo_cookieDomain number| _vwo_acc_id object| VWO object| vwo_iehack_queue object| _paq object| __WordPressPrivateInteractivityAPI__ object| twemoji object| wp object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.thompson.bet/	1970-01-21 03:10:57	Name: _vwo_uuid_v2 Value: D725C2000C8356AA4649EEFF63570765D|83c26ff25ccea6607cea202c3c20e9b0
			thompson.bet/	1970-01-21 03:49:50	Name: _pk_id.3.1453 Value: 02f55e1db826f0e6.1707835407.
			thompson.bet/	1970-01-20 18:23:57	Name: _pk_ses.3.1453 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.matomo.cloud
dev.visualwebsiteoptimizer.com
gzwh.matomo.cloud
thompson.bet
2600:9000:2479:c00:c:7d55:b3c0:93a1
2606:4700:3034::ac43:835f
3.126.133.169
34.96.102.137
059a673590e137037434695ce3db6d22a320b97aaef717bbe8eb6f94e40a5896
0fc42e518e17733d6c766ceec3a2154896e332571f130fae27e4f20480e0980c
150319188e3635340f8b575542ee7afb78828bda3096dbd2e60b281cee0ce6d5
34019d3364166a309440c0b3e94391105694660f5ed76dc836eed8e4aedc1fb5
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
587b74a5e0cad5e27f0ee1cf37d8958d57299492430b9986d5b824735ee72e4e
5fc15af7aee1192e55107bdd67c87928be5f20f10ff1497209c002db3d267ffc
7ab1e25df9f0e9825e577187a3c73ebda9c0a068d9b35d2a235b8e924b9c58e5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a8b72c3a34a4ac883406005c0fab343d64894c978b3dda1b6bb00eed01e9409e
aa8042a77500cfe4a4893e2b7edbd54dded92768e40418fa0665bec8aae9ae18
c12af73c7d806bf333980c5da006fc2f1c7f875baa6ffa128a8108d141186822
c3b2ff62e3ac4219811de0c709bd0d81d962a88dc87a598ac19b20f58f960136
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e931823ffd0b6cfd1624e3a7c1c49861ed3420297862e727f07e04c8be1cc89b
ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966